[error] Error: Field access runtime check failed for struct Node.left
[error] Nonzero exit code returned from runner: 1
[error] (Compile / run) Nonzero exit code returned from runner: 1
It turns out that tree_add does not contain the correct code for passing permissions back and forth from tree_add_helper. The incorrect code looks like this:
We see that a tempfield variable is created to gather permissions from tree_add_helper (which is should since tree_add_helper requires permission tracking). However, tree_add_helper's contract is precise, so permissions computed from the precondition must be passed to tree_add_helper and the postcondition must be analyzed to return permissions back from tree_add_helper. None of this code is injected above. That is because as coded here, https://github.com/gradual-verification/gvc0/blob/26398e36e0ad37c4eb9b64ecaac94cf3d842cd5f/src/main/scala/gvc/weaver/Checker.scala#L294, permissions from the precondition (postcondition) of tree_add_helper are only computed and sent to (returned from) tree_add_helper when tree_addneedsToTrackPrecisePerms. Currently, this flag is only set to true if tree_add contains imprecision in its body. However, it should also be set to true if it contains imprecision in its contract. That is, the definition of needsToTrackPrecisePerms must be updated to include these additional cases to fix the above bug.
jennalwise
commented
2 years ago
https://drive.google.com/file/d/1zo85HiRcqZbFFRQGldL255NzOKrztM16/view?usp=sharing is failing with the error:
It turns out that
tree_adddoes not contain the correct code for passing permissions back and forth fromtree_add_helper. The incorrect code looks like this:We see that a tempfield variable is created to gather permissions from
tree_add_helper(which is should sincetree_add_helperrequires permission tracking). However,tree_add_helper's contract is precise, so permissions computed from the precondition must be passed totree_add_helperand the postcondition must be analyzed to return permissions back fromtree_add_helper. None of this code is injected above. That is because as coded here, https://github.com/gradual-verification/gvc0/blob/26398e36e0ad37c4eb9b64ecaac94cf3d842cd5f/src/main/scala/gvc/weaver/Checker.scala#L294, permissions from the precondition (postcondition) oftree_add_helperare only computed and sent to (returned from)tree_add_helperwhentree_addneedsToTrackPrecisePerms. Currently, this flag is only set to true iftree_addcontains imprecision in its body. However, it should also be set to true if it contains imprecision in its contract. That is, the definition ofneedsToTrackPrecisePermsmust be updated to include these additional cases to fix the above bug.